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INTRODUCTION 


In Unit 4 we studied polynomial congruences. We found that, provided we 
take congruence to a prime modulus, a polynomial congruence of degree k 
has at most k incongruent solutions. In this respect polynomial congruences 
are similar to polynomial equations. In this unit we are going to concentrate 


on polynomial congruences of degree 2, called quadratic congruences. We In most cases the modulus will be 
shall quickly discover that the key problem is to solve the congruence an odd prime. 
x” =a (mod p). 


In other words we shall try to find which integers are squares modulo p. In 
previous units we have solved such problems for small primes p. For 
instance, by working out 0°, 17, 2?, 3? and 4? modulo 5 we see that the only 
squares modulo 5 are 0, 1 and 4. It follows that the quadratic congruences 


z? = 2 (mod 5) and x? = 3 (mod 5) 
are each unsolvable. 


As the task of solving quadratic equations presents little challenge, the 
thought of devoting a whole unit to quadratic congruences might, 
understandably, seem unexciting. Be patient! Investigation of when a 
quadratic congruence has solutions (without actually solving it) leads us 
through three classic results of number theory: Euler’s Criterion, Gauss’ 
Lemma and the Law of Quadratic Reciprocity. The latter is a most 
fascinating result, described by Gauss as the ‘gem of higher arithmetic’. The 
consequences of these results are far-reaching in other areas of number 
theory. In this unit we shall use them to establish several more special cases 
of Dirichlet’s Theorem on primes in arithmetic progressions, which we first 
investigated in Unit 2. Later in the course we shall see further applications 
of these results to the solution of Diophantine equations, which are the 
subject of Unit 8. 


1 EULER’S CRITERION 


1.1 Quadratic residues 
Consider the quadratic congruence 
ax? + bx +c =0 (mod p), 


where p is an odd prime and a #0 (mod p). In an attempt to solve this a #0 (mod p) <=> gcd(a,p) = 1 
congruence we can write the left-hand side in an alternative form by <= p does not divide a. 
‘completing the square’ to get all involvement of x into a single squared 

term. To achieve that, we first multiply through by 4a, which will not affect 

the solutions since ged(4a, p) = 1: 


4a*x? + dabx + 4ac = 0 (mod p). 


That is, This is essentially the process used 
2 2 to obtain the ‘quadratic formula’ 
(2ax +b)“ + 4ac — b° = 0 (mod p), o btv Tae 
and adding b? — 4ac to both sides, 2a l 


(2ax + b)? = b? — 4ac (mod p). 


If we now let d = b? — 4ac and put y = 2ax + b the quadratic congruence 
takes the simplified form 


y? = d (mod p). 


For each solution yo of this congruence we can recover a solution of the 
original congruence by solving 2ax + b = yo (mod p), which is known to be 
uniquely solvable since ged(2a, p) = 1. 


To illustrate this let us work through a specific example. 


Example 1.1 
Solve 2x? + 2x + 1 = 0 (mod 29). 
We begin by multiplying through by 4 x 2 = 8: 

16x? + 162 + 8 = 0 (mod 29), 
and then complete the square: 

(4x + 2)? + 4 = 0 (mod 29). 
Now add —4 to both sides: 

(4x + 2)? = —4 (mod 29). 
Putting y = 4x + 2, and replacing —4 by the congruent integer 25 we arrive 
at 

y? = 25 (mod 29), 
which has the two solutions 

y =5 (mod 29) and y=-—5 (mod 29). 
Lagrange’s Theorem guarantees that there are no more than these two. 
The solutions in x are therefore obtained by solving two linear congruences: 

4z + 2=5 (mod 29) <= > 4r =3 = 32 (mod 29) 
<> r=8 (mod 29); 
4r +2 = —5 (mod 29) <> 4r = —7 = —36 (mod 29) 
<> r= -9 = 20 (mod 29). 

So the two solutions are x = 8, 20 (mod 29). + 


Problem 1.1 


Solve the following quadratic congruences using the process illustrated in 
Example 1.1. 


(a) 5a? + 7x + 1 = 0 (mod 13) 
(b) z? +2+1=0 (mod 5) 
(c) £? +3x +4 = 0 (mod 7) 


The examples in Problem 1.1 show that a quadratic congruence to prime 
modulus may have 0, 1 or 2 solutions. They also pinpoint what is the key 
issue in solving ax? + bz + c = 0 (mod p). This congruence has solution(s) 
if, and only if, b? — 4ac is congruent modulo p to a square. What we need is 
a way of determining which integers are the squares modulo p. First we 
introduce some new terminology. 


Definition 1.1 Quadratic residues 


Let p be an odd prime and a Æ 0 (mod p). If the congruence 

xz? =a (mod p) has a solution then a is said to be a quadratic residue 
of p. Otherwise a is a quadratic non-residue of p. We refer to 

whether a is a quadratic residue or quadratic non-residue of p as being 
the quadratic character of a modulo p. 


Notice that if a = b (mod p) then the congruence x? = a (mod p) has a 


solution if, and only if, the congruence x? = b (mod p) has a solution, and so 


The solutions obtained can, of 
course, be checked by substituting 
8 and 20 back into the original 
congruence. 


The number b? — 4ac is called the 
discriminant of the quadratic 
ax” + br +c. 


congruent integers are of the same quadratic character, that is, both are 
quadratic residues of p or both are quadratic non-residues of p. For this 
reason it will be enough to consider the quadratic character of the non-zero 
least positive residues modulo p. So when, as in the coming example, we ask 
for the quadratic residues or non-residues of p, the expected answer will be a 
collection of integers in the range from 1 to p — 1. 


Example 1.2 


Find the quadratic residues and the quadratic non-residues of 11. 


To list the quadratic residues of 11 it suffices to determine the squares 
12, 27, ...., 10? modulo 11. 


1? = 1 (mod 11) 
2? = 4 (mod 11) 


= = 9 (mod 11) 

2 = 5 (mod 11) 

2 = 3 (mod 11) 
7 = (—5)? = 3 (mod 11) 
7? = (—4)? =5 (mod 11) 
8? = (—3)? = 9 (mod 11) 
9? = (—2)? = 4 (mod 11) 


10? = (—1)? = 1 (mod 11) 


Therefore the quadratic residues of 11 are 1, 3, 4, 5 and 9. The quadratic 
non-residues of 11 are the remaining non-zero least positive residues, namely 
2, 6, 7, 8 and 10. + 


Problem 1.2 


Determine the quadratic residues and the quadratic non-residues of 13. 
Hence determine the values of c for which the congruence 
x? + x — c = 0 (mod 13) has solutions. 


You may have noticed that our definition excludes 0 as a quadratic residue 
despite the fact that 0 is certainly a square. We also removed from 
consideration the case p = 2, where the only non-zero residue, 1, is a square. 
The major reason is that these decisions enable us to express results in 
neater forms. For example, the congruence 

x? =a (mod p) 
has no solutions if a is a quadratic non-residue of p, has one solution if If x = b (mod p) is a solution then 
a = 0 (mod p) and two solutions if a is a quadratic residue of p. In addition, so too is z = —b (mod p) and 
with these definitions, as we have seen for the examples p = 11 and p= 13, ° # —b (mod p) except when 
there are the same number of quadratic residues as there are quadratic TIPTOP. 
non-residues. We establish this fact now. 


Theorem 1.1 The quadratic residues of p 


E = 
For any odd prime p there are g 7 quadratic residues and 2 


quadratic non-residues. The quadratic residues are congruent modulo p 


2 
—1 
to the integers 17, 27, 37, ..., p 5 ) : 


Proof of Theorem 1.1 


The quadratic residues of p are the integers which result from the evaluation 
of the squares 1?, 2?, 32, ..., (p — 1)? modulo p. But r? = (—r)? and so 
these p — 1 integers fall into congruent pairs modulo p, namely 


ss p+1\’ 
Pag — 1), 2 =—— 2); 2x; (25) = (QF) ; — that we require p to be odd 
ere. 


p- 


As r? £0 (mod p), for 1 < r < p, 
the integer 0 is not listed amongst 


2 
all 
teges a, 27,3", 5. (25) : these. 


To complete the proof it remains to show that no two of these integers are 
congruent modulo p. With that objective in mind suppose that 


Therefore each quadratic residue of p is congruent to one of the 


r? = 32 (mod p), for some 1 <s <r < a: 
Our goal is to deduce from this that r = s. Now r? = s? (mod p) means 
that p is a divisor of r? — s? or, after factorizing, p divides (r — s)(r + s). 
Euclid’s Lemma takes us a step further: either p divides r — s or p divides 
r+ s. The latter is impossible since 2 < r +s < p — 1. As to the former, the 


fact that r — s lies in the range 0 <r—s< 4 confirms that p can only 
divide r — s when r — s = 0; that is, when r = s. 


—1 
Thus there are exactly aaa quadratic residues and hence $ quadratic 


non-residues. E 


1.2 Euler’s Criterion 


We shall keep returning to the task of actually solving congruences, but for 
the time being we shall concentrate on the key question which confronts us 
when deciding whether or not a quadratic congruence has solutions. 


Given a Æ 0 (mod p), is a a quadratic residue of p? 


Theorem 1.1 suggests one line of attack by providing a means of listing all 
the quadratic residues of p. However the amount of computation it entails, 
even for a relatively small prime p, forces us to look around for some 
alternative method. Our next result, first attributed to Euler, provides such 
an alternative method. Whilst it can still involve cumbersome computations 
it is a very useful theoretical result for which we shall find numerous 
applications. 


Theorem 1.2 Euler’s Criterion 


Let p be an odd prime and a Æ 0 (mod p). Then a is a quadratic 


residue of p if, and only if, a®71)/2 = 1 (mod p) and is a quadratic 
non-residue of p if, and only if, a—))/? = —1 (mod p). 


The proof that we are going to give of Euler’s Criterion involves careful 
pairing of the integers forming the set of non-zero least positive residues 
modulo p. We shall first illustrate the line of proof for the case of the 


prime 13. 

We have seen in Problem 1.2 that 2 is a quadratic non-residue of 13. We take the slightly easier case of a 
Consider the congruence bx = 2 (mod 13), where b is any of the integers non-residue first. 

1, 2, ..., 12. Since ged(b, 13) = 1 this congruence has a unique solution. The 


solution is certainly not x = 0 (mod 13) and neither is it x = b (mod 13), for 
then b? = 2 (mod 13) which would contradict the fact that 2 is a quadratic 
non-residue. Hence, for each choice of b, the solution of br = 2 (mod 13) is 


one of the other integers in the set {1,2,...,12}. It follows that these 12 
integers break into pairs whose product is congruent modulo 13 to 2. These 
pairs are as follows. 


1x2=2(mod 13) 3x5 = 2 (mod 13) 
4x7=2(mod13) 6x9=2 (mod 13) 
8 x 10 = 2 (mod 13) 11 x 12=2 (mod 13) 


Multiplying these six congruences together we obtain 
12! = 2° (mod 13). 

But we know from Wilson’s Theorem that 12! = —1 (mod 13), and so 
2° = —1 (mod 13), 


which is the claim of Euler’s Criterion for the case of the quadratic 
non-residue 2 of 13. 


There is nothing special here about the prime 13 nor of the chosen integer 2. 
The crux of the general proof which follows shortly is to show that, for any 
odd prime p and any. quadratic non-residue a of p, the integers in the set 
{1,2,...,p—1} break into pairs with product congruent modulo p to a. 


To illustrate Euler’s Criterion for the case of a quadratic residue we proceed 

in a similar vein. Take a = 3 and and consider solutions of br = 3 (mod 13). We discovered that 3 is a quadratic 
The difference this time is that the congruence x? = 3 (mod 13) does have residue of 13 in Problem 1.2. 
solutions, namely x = 4 (mod 13) and z = 9 (mod 13). The remaining ten 

integers in {1,2,...,12} break into pairs whose product is congruent modulo 

13 to 3. 


1 x 3 = 3 (mod 13) 2 x 8 = 3 (mod 13) 
5 x 11 = 3 (mod 13) 6x7=3 (mod 13) 
10 x 12 = 3 (mod 13) 


If we multiply together the left-hand sides of these congruences the outcome 
will not be 12!, since the integers 4 and 9 are missing. To rectify this, so 
that we can subsequently appeal to Wilson’s Theorem, we include the 
additional congruence whose left-hand side is 4 x 9: 


4 x 9 = 36 = —3 (mod 13). 


(As we shall see shortly, it is no accident that the right-hand side of this 
congruence has turned out to be the negative of the quadratic residue under 
consideration.) Multiplying all six congruences together we reach 


12! = 3° x (—3) = —3° (mod 13), 
whereupon invocation of Wilson’s Theorem leads to 3° = 1 (mod 13). This 


is what Euler’s Criterion claims for the quadratic residue 3 of 13. 


Our task now is to convert these illustrations into general arguments. 


Proof of Euler’s Criterion 


Let a be a quadratic non-residue of p and let b be any integer in 
{1,2,...,p— 1}. The linear congruence br = a (mod p) has a unique 
solution b’ also in {1,2,...,p—1}. Note that b Æ b’, for otherwise 

b? = a (mod p) and a would be a quadratic residue of p. It follows that the 


integers in {1,2,...,p— 1} fall into p pairs b,b’ with the property that 
bb' = a (mod p). Hence 

(p—1)!=1x2x3x---x (p—1)=axax-:--xa=a®-/? (mod p). 
If we now bring in Wilson’s Theorem, (p — 1)! = —1 (mod p), we reach 


GP OF = 3 (mod p), for any quadratic non-residue a. 


Let us now attempt the same argument for the case of a being a quadratic 


residue of p. This time the congruence x? = a (mod p) has a solution. 
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In fact it will have exactly two solutions. Lagrange’s Theorem guarantees 
that it has at most two solutions and if c is one solution in {1,2,...,p — 1} 
then p — c is certainly another since 


(p —c)* = (—c)? = 2 =a (mod p) 
and c Æ p — c as p = 2c is impossible. 


If we remove c and p — c from {1,2,...,p—1} then, as before, the remaining 


integers fall into = pairs b,b’ with the property that bb’ = a (mod p). So 


this time 


(p—1)! 


1x2x---xcx:--x (p—c)x--:x(p—1) 
=axax---xXaxcx (p—c) (mod p) 
= a'?—3)/2(_¢*) (mod p) 
= a'?-3)/2(_@) (mod p) 
= —q'?-))/2 (mod p). 
Replacing (p — 1)! by —1 and cancelling by —1 leads to 
a®—-})/2 = 1 (mod p), for any quadratic residue a. 


We have now shown that if a is a quadratic residue, then 
a?~1)/2 = 1 (mod p) and if a is a quadratic non-residue, then 
a(P—1)/2 = _] (mod p). 


To complete the ‘only if’ parts suppose first that a/~))/? = 1 (mod p). As 

a #0 (mod p), it is either a quadratic residue or a quadratic non-residue. If 
we assume that a is a non-residue then a‘?—!)/? = —1 (mod p) and this 
would imply that 1 = —1 (mod p) which is false for an odd prime. So if 
a‘?—1)/2 = 1 (mod p) then a is a quadratic residue. The non-residue case 
follows similarly. E 


1.3 Uses of Euler’s Criterion 


We have already determined the quadratic residues of the prime 13 but 
there is no harm in tackling the same problem by a totally different method. 
As we shall see, Euler’s Criterion is very useful for determining whether or 
not a given integer is a quadratic residue, but it is less helpful when we wish 
to determine all the quadratic residues of a given prime. 


Example 1.3 
Use Euler’s Criterion to determine tħe quadratic residues and non-residues 
of the prime 13. 


To determine whether or not a is a quadratic residue of 13, Euler’s Criterion 
tells us to investigate a(!371)/2 = aê in the certain knowledge that for any a 


in the set {1,2,3,...,12} either aê = 1 (mod 13), in which case a is a 


quadratic residue, or aê = —1 (mod 13), in which case a is a quadratic 


non-residue. 
1° = 1 (mod 13) 
2° = 16 x 4 = 12 = —1 (mod 13) 
3° = 3° x 397 = 1x 1=1 (mod 13) 
4° = (47)° = 3° = 1 (mod 13) 
5° = (57)? = (—1)? = —1 (mod 13) 
6° = (67)° = (—3)3 = —1 (mod 13) 


No further computation is needed because 


(13 — r)® = (—r)® = r® (mod 13), 


and so, 
7° = 6°, 8° = 5°, 9 = 46, 10° = 36, 11° = 26 and 12° = 1° (mod 13). 
The list of quadratic residues of 13 is therefore 1, 3, 4, 9, 10 and 12 and the 


non-residues are the other six non-zero least positive residues, namely 2, 5, 
6, 7, 8 and 11. 


Problem 1.3 
Determine the quadratic character of 5 for each of the primes 11, 17 and 19. 


Primitive roots provide an alternative way of determining the quadratic 
residues of an odd prime p. Suppose that r is a primitive root of p. Then the 
set of integers {r,r?,...,r?~1} is a reduced set of residues for p. That is, 
after replacing each by its least positive residue modulo p (and reordering as 
appropriate), it is the set {1,2,...,p— 1}. Half of these integers are 
quadratic residues and the other half wy gee ca non-residues, their 

p 


designations being readily seen: the integers {r?,r*,...,r?-1}, being 


even powers of the primitive root and hence squares, are the quadratic 
residues. 


Example 1.4 
Given that 2 is a primitive root of 19 determine the quadratic residues of 19. 
19-1 


The first 


whilst the remaining 9 non-zero integers less than 19 are the quadratic 
non-residues. 


2 =4 
= 16 
2° = 64 = 7 (mod 19) 
28 =7 x 4 = 28 = 9 (mod 19) 
210 = 9 x 4 = 36 = 17 (mod 19) 
2!? = 17 x 4 = 68 = 11 (mod 19) 
214 = 11 x 4 = 44 = 6 (mod 19) 
216 = 6 x 4 = 24 = 5 (mod 19) 
218 = 5 x 4 = 1 (mod 19) 
The quadratic residues of 19 are therefore 1, 4, 5, 6, 7, 9, 11, 16 and 17. @ 


= 9 even powers of 2 give the quadratic residues of 19 


From the identity 
(ab)? 79/2 — q{P-1)/2p(p—1)/2 


and knowledge of the quadratic character of a and b, Euler’s Criterion tells 
us immediately whether or not the product ab is a quadratic residue. For 
example, if a is a quadratic residue of p, so that a'?-))/? = 1 (mod p), and b 
is a quadratic non-residue of p, so that b{?-))/2 = —1 (mod p), then 
multiplying the two together gives (ab)’?—!)/? = —1 (mod p) showing that ab 
is a quadratic non-residue. Looking similarly at the other three 
combinations we obtain the following table, which is essentially determined 
by the products of 1 (for residue) and —1 (for non-residue). 


Table 1.1 Table of residue multiplication 


residue non-residue 
residue residue non-residue 
non-residue | non-residue residue 


You may wish to refer to this table in answering the following problems. 
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In Unit 5 we mentioned (without 
proof) that every prime does have 
a primitive root. 


In each case we multiply the 
previous value by 4 and reduce 
modulo 19. 


Problem 1.4 
Let p be an odd prime. 


(a) If b #0 (mod p) and the congruence az? = b (mod p) has a solution 
what can you deduce about the quadratic characters of a and b? 


(b) If —1 is a quadratic residue of p what can you infer about p? 


(c) If a is a quadratic residue of p under what circumstances is p — a also a 
quadratic residue? 


2 THE LEGENDRE SYMBOL 


2.1 Properties of the Legendre symbol 
Adrien-Marie Legendre (1752-1833) 


Legendre was born in Toulouse and educated at the Mazarin College in 
Paris. Throughout a distinguished mathematical career Legendre 
contributed to significant advances in many fields. He was mainly an 
analyst, but arguably the finest of many books that he published was 
Elements de Geometrie, in which he reorganized the geometrical content 
of Euclid’s Elements systematically, offering simpler, but equally 
rigorous proofs. The result was one of the most successful textbooks 
ever written; it was still being used as a standard text in school 
geometry until nearly the end of the nineteenth century. 


Earlier Legendre had written a three volume comprehensive treatment 
of Integral Calculus, followed by a further three volume work on Elliptic 
Integrals. In these works he introduced numerous tools of analysis still 
used by applied mathematicians, including the beta and gamma 
functions and the Legendre polynomials, which are used in solving 
certain differential equations. 


Legendre was not a great innovator in number theory but his writings 
did point mathematicians of the nineteenth century towards fruitful 
areas for investigation. In 1798 he published a two volume work, Essai 
sur la theorie des nombres, probably the first treatise devoted solely to 
number theory. An expanded edition, Theorie des nombres, was printed 
in 1830 and this included results from Legendre’s work in the 
intervening years, work which had been inspired through correspondence 
with Gauss. Amongst many other results, he proved that the equation 
x5 +y° = z° has no solution in positive integers — this is a particular 
case of Fermat’s Last Theorem which we shall meet in the final unit of 
the course. On the question of distribution of primes he conjectured 


that m(n) approaches as n increases, a result which is 


log(n) — 1.08366 
very close to being correct. 


In his Essai Legendre included an account, together with an attempted 
proof, of the Law of Quadratic Reciprocity, a result which is to be at the 
heart of this unit. The relationship given in the Law was first 
conjectured by Euler in 1783, on the basis of considerable numerical 
evidence. Two years later Legendre offered the first proof. This proof, 
like the later one published in Essai, contained flaws. In 1795 Gauss, 
then 18 years old, discovered the Law for himself and in 1798, after what 
he admitted was a year of strenuous effort, he gave the first correct 
proof. Gauss acknowledged that, before him, Euler had almost 
discovered the result and that Legendre knew it and had proved it in 


Remember that m(n) is the number 


of primes not exceeding n. 
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various special cases, but he attributed the Law to himself. This 
brought Legendre and Gauss into conflict. Gauss stuck to his guns that 
credit for the proof must be given to him on the grounds that all 
previous proofs were incomplete. Legendre retorted, with good reason, 
that it was he who had first demonstrated, in detail, how the proof 
would be achieved. However the gap in Legendre’s line of reasoning has 
not been filled to this day. 


In the preceding work we have many times made the statement ‘a is a 
quadratic (non-)residue of p’. There is a convenient shorthand notation for 
such statements. It was first introduced by Legendre in the course of an 
incomplete proof of the Law of Quadratic Reciprocity. Naturally enough the 
notation is named after him. 


Definition 2.1 Legendre symbol 


Let p be an odd prime and a Æ 0 (mod p). The Legendre symbol (a/p) 
is defined as follows: 
ais 1, if ais a quadratic residue of p, 
P) = —1, if ais a quadratic non-residue of p. 


As an illustration of the Legendre symbol we can summarize the results of 
Example 1.3, which determined the quadratic residues and quadratic 
non-residues of 13, by writing 

(1/13) = (3/13) = (4/13) = (9/13) = (10/13) = (12/13) = 1; 

(2/13) = (5/13) = (6/13) = (7/13) = (8/13) = (11/13) = -1. 
The following theorem contains no essentially new information; it simply 


collates facts discovered in the previous section about quadratic residues and 
re-expresses them in terms of the Legendre symbol. 


Theorem 2.1 Properties of the Legendre symbol 
Let p be an odd prime and let a Æ 0 (mod p) and b 0 (mod p). Then 
the following properties hold. 
(a) If a =b (mod p) then (a/p) = (b/p). 
b) (a?/p) =1 
c) (ab/p) = (a/p)(b/p) 
d) (a/p) = a-/? (mod p) 
= 1, ifp=1 (mod 4), 
a { -1, ifp=3 (mod 4). 


( 
( 
( 
( 


Property (a) says that congruent integers have the same quadratic character. 
Property (b) makes the obvious claim that any square is a quadratic residue. 
Property (c) expresses, in succinct form, the multiplicative property of 
Table 1.1. Property (d) is, of course, Euler’s Criterion, and when applied to 
the particular case a = —1 gives the result of property (e), which we have 
included because we shall refer frequently to this important property. 
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In other texts the notations (2) 


and (a|p) are sometimes used for 
the Legendre symbol. Remember 
that (a/p) does not mean, in any 
sense, ‘a divided by p’. 


We read (a/p) as ‘a slash p’. 


Problem 2.1 
At each stage of the following evaluation of (30/11) state which of the 
properties of Theorem 2.1 is being used. 
(30/11) = (8/11), by? 
= (2/11)(4/11), by? 
= (2/11), by? 
=(-9/11), by? 
=(-1/11)(9/11), by? 
=(-1/11), by? 
=-l, by? 


Diversion 
Cor — 49 
67 x 67 = 4489 
667 x 667 = 444889 
6667 x 6667 = 44448889 
66667 x 66667 = 4444488889 
666667 x 666667 = 444444888889 


2.2 Applications using the Legendre symbol 


We are going to encounter numerous problems involving quadratic residues. 
Rather than falling back on first principles, we shall solve them through 
manipulation of the properties in Theorem 2.1. We begin with two examples 
illustrating how the Legendre symbol can be used. 


Example 2.1 
Does the congruence z? + 6x + 11 = 0 (mod 29) have a solution? 
As the discriminant is 6? — 4 x 11 = —8, we must decide whether or not —8 


is a quadratic residue of 29, and so we evaluate the Legendre symbol 

(—8/29). 
(—8/29) = (—2/29)(4/29), by property (c), 

(—2/29), since (4/29) = 1, by property (b), 

(—1/29)(2/29), by property (c), 

= (2/29), since (—1/29) = 1, by property (e), 

2(29-1)/2 — 214 by property (d), 

=25 x2°x24*=3x3x 16 

= —1 (mod 29). 


As the discriminant is a quadratic non-residue we conclude that the 
congruence does not have a solution. $ 


The properties referred to are those 


of Theorem 2.1, and throughout 
congruence is to modulus 29. 
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Example 2.2 
Find all the quadratic residues of 37. 


We know that 37 has 18 quadratic residues and we could go about finding 
them by determining the least positive residue modulo 37 of each of 

17, 2?, 3?, ..., 182, as we did for the prime 11 in Example 1.2. Instead we 
shall look for some short-cuts. 


For a start, we know from property (b) that 1, 4, 9, 16, 25 and 36 are 
quadratic residues. As 36 = —1 (mod 37), property (a) gives (—1/37) = 1, a 
fact which we could have established alternatively from property (e). Using 
this together with first property (c) and then property (a): 


= (-1/37)(4/37) = (~4/37) = (33/37), 


showing that 33 is a quadratic residue. In just the same way, —9 = 28, 
—16 = 21 and —25 = 12 are quadratic residues of 37. 


Having found that 12 and 28 are quadratic residues we can ‘remove the 
square 4’ from each, using first property (c) and then property (b): 


1 = (12/37) = (3/37) (4/37) = (3/37) 
and 
1 = (28/37) = (7/37)(4/37) = (7/37). 


So 3 and 7 are quadratic residues and, again using (—1/37) = 1, we find that 
—3 = 34 and —7 = 30 are also quadratic residues. 


We have now found a total of 14 quadratic residues so there are 4 still to be 
found. There are many ways of discovering them. For example, reversing the 
previous procedure and ‘multiplying by the square 4’ before using 

property (a): 


1 = (4/37)(12/37) = (48/37) = (11/37) 
and 

1 = (4/37)(16/37) = (64/37) = (27/37), 
which shows that 11 and 27, and with them their negatives, —11 = 26 and 
—27 = 10, are quadratic residues. 


The list of quadratic residues of 37 is now complete: 


1,3, 4, 7,9, 10, 11, 12, 16, 21, 25, 26, 27, 28, 30, 33, 34 and 36. + 


Problem 2.2 


Using only the properties of Theorem 2.1, evaluate the following Legendre 
symbols. 


(a) (3/11) (b) (2/17) (c) (40/11) 


Problem 2.3 


Show that (a/31) = 1 if, and only if, (2a/31) = 1. Use this fact to obtain all 
quadratic residues of 31. 
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3 GAUSS’ LEMMA 


3.1 Proof of Gauss’ Lemma 


One of our objectives in this unit is to prove, and use, the classical theorem 
known as the Law of Quadratic Reciprocity. This result will be seen to 
enable us to overcome the computational difficulties of determining the 
quadratic character of an integer, even for a large integer and large prime 
modulus. The fascination that this result has had for mathematicians over 
the years is exemplified by the fact that over 100 proofs of the Law have 
been published, (seven of them due to Gauss himself — he was not finding 
further proofs for their own sake but rather trying a find a method of proof 
which would generalize from the quadratic case to higher powers). The 
majority of the published proofs hinge on a subsidiary result, Gauss’ 
Lemma, which is the subject matter of this section. Gauss’ Lemma offers yet 
another method of determining the quadratic character of an integer modulo 
an odd prime and, like Euler’s Criterion, while not proving to be a very 
practicable test when large integers are involved, it is a useful theoretical 
result for which further applications arise. 


Theorem 3.1 Gauss’ Lemma 
Let p be an odd prime and a #0 (mod p). Let S be the set 
p- 


5 = fa,2a,30,..., 


p—1 


consisting of the first positive multiples of a. If n denotes the 


number of members of S whose least positive residue modulo p 
exceeds 5, then (a/p) = (—1)”. 


Before setting about the proof we shall look at an example which should 
serve to clarify the statement of Gauss’ Lemma and, more importantly, will 
illustrate the line to be adopted in the general proof. 


Let p = 19 and a = 11. The set S in Gauss’ Lemma consists of the first 
19-1 
2 


= 9 positive multiples of 11: 


S = {11, 22, 33, 44, 55, 66, 77, 88, 99}. 


Replacing each member of S by its remainder when it is divided by 19, that 
is, by the least positive residue to which it is congruent modulo 19, we get 


S’ = {11, 3, 14,6, 17,9, 1,12, 4}. 
There are four members, namely 11, 12, 14 and 17, which exceed > Hence, 
according to Gauss’ Lemma, 

(11/19) = (—1)* = 1, 
and we can conclude that 11 is a quadratic residue of 19. 
Suppose now that we replace the four members of S” which exceed 5 by 
their negatives; that is, replace 

11 by —11=8, 12by —12=7, 14by —14=5 and 

17 by — 17 = 2 (mod 19). 
This results in the new set 


a= 18,5, 5,6, 2,9, 4, 7,4): 
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Notice that S” consists of the first nine positive integers. This is typical of 
the general situation. The crux of the proof of Gauss’ Lemma lies in showing 
that, for any odd prime p and relatively prime integer a, the set 9”, 


constructed from multiples of a in this way, consists of the first ae 
positive integers. It is a short step from there to completion of the proof. 
Returning to our specific example, notice that the product of the elements in 
S” is 9! while the product of the elements in S is 119 x 9!. Now the 
corresponding elements of the sets S and S” are congruent modulo 19, with 
the exception of the four sign changes involved in getting from S” to 9”. It 
follows that 

11° x 9! = (—1)* x 9! (mod 19) 
and so, cancelling the 9!, which is permissible since ged(9!, 19) = 1, 

11° = 1 (mod 19). 
Euler’s Criterion now confirms that 11 is indeed a quadratic residue of 19. 
The key to the calculation is the number of sign changes in getting from S’ 
to S”. Had this turned out to be an odd integer then we would have had a 


minus sign remaining in the final congruence and, using Euler’s Criterion, 
we would have concluded that the integer was a quadratic non-residue. 


Our proof of Gauss’ Lemma retraces the steps of this example working, 
generally, with any odd prime p and relatively prime integer a. 


Proof of Gauss’ Lemma 
We are given that p is an odd prime, a Æ 0 (mod p) and 


—1 
s= {0,20,30,...,25 a}. 


First we observe that no two elements of S are congruent modulo p because, 


=l 
if ra = sa (mod p) for some integers r and s in the range 1 < r,s < = 


cancellation would give r = s (mod p), which can only happen if r = s. 
Moreover no element of S is congruent modulo p to 0, because 

ra = 0 (mod p), where a 0 (mod p) requires r = 0 (mod p), which cannot 
occur. 


Let S’ be the set obtained by replacing each member of S by its least 
positive residue modulo p. Putting the elements of 9” into increasing order 
we can write 


1 
e i Tor barier lm eh E a O 


— 1 
where bm < £ < cı and m+n = P. Now let Note that 7 is not an integer so 
p neither bm nor cı can be equal 
S = {b1,bo,...,6m,p — C1, P — C2,...,P — Cn }- to 2 
—1 
It is our contention that S” = fı, 2 oath, Certainly the integers Note that this does not imply that 
2 bı = 1, b2 = 2, etc. as the elements 


may be written in a different order. 


listed in S” are all positive, there are i of them, and the largest is either 


bm or p — c1, each of which is less than E, Hence there are E positive 


integers each less than 5, and so to justify our contention we need only show 
that they are distinct. 


As the elements of S’ are distinct, the m elements b1, b2, ..., bm are 
distinct, as are the n elements p — c1, p — C2, ..., P — Cn. So suppose that 
bi = p — cj, for some i and j. Then, 


p = bi + cj = ra + sa (mod p), 
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—1 
for some integers r and s in the range 1 < r,s < ies But from 


p = (r + s)a (mod p) and a £0 (mod p), 


Euclid’s Lemma leads to r + s = 0 (mod p), which is impossible since 
2<r+s<p-l. 


This establishes that 
—1 
Seo oe a a 
S { ’ ’ ? ? pA \ 


We continue by multiplying the elements of S” together: 


(7) = by bo... bm (p — C1)(p — c2) . . . (P — Cn) 


= bi be... bm(—c1)(—c2) . . . (—cn) (mod p) 
(—1)”bıb2 . . . bmC1C2 . . -Cn (mod p) 


—1 
= (—1)”a x 2a x 3a x ... X oes (mod p) This step following from the fact 
i that the elements of S’ are 
(ann (p—1)/2 p I congruent, in some order, to the 
=(-1)" xa p ( 2 ) (mod p). elements of S. 


=+] -1 
Now gcd{ p, =) ) = 1 and so the term 67) may be cancelled 


from the two sides of the congruence leaving 
1 = (-1)"a®-)/? (mod p). 


Finally we appeal to Euler’s Criterion in the form of property (d) of 
Theorem 2.1, that a?71)/2 = (a/p) (mod p), and then multiply both sides of 
the congruence by (—1)” to obtain 


(a/p) = (-1)”. z 


Gauss’ Lemma can be used in a very straightforward way to determine 
Legendre symbols: just write down the set S, convert it to the set S’ and 
count how many members of S’ lie in the appropriate range. Providing the 
prime modulus is not large the arithmetic involved in doing this is not 
taxing. 


Problem 3.1 
Use Gauss’ Lemma to evaluate the following Legendre symbols. 


(a) (7/13) (b) (11/23) (e) (8/29) 


3.2 Applications of Gauss’ Lemma 


In order to evaluate (n/p) for any positive integer n > 1 and odd prime p Property (b) of Theorem 2.1 


which does not divide n, consider the prime decomposition establishes that (1/p) = 1, so we 
need not consider n = 1 further. 


n =p] p? -pr 
Repeated application of the multiplicative property of the Legendre symbol, 
Theorem 2.1, property (c), leads to 


(n/p) = (p1/p)™ (p2/p)®? ... (pr/p)®". 
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Now in considering Legendre symbols we must not overlook negative 
integers. Note that 


-n = (—1)ph' p}? ... për 


and using the multiplicative property again we have 


(—n/p) = (—1/p)(p1/p)* (p2/p)" ... (pr/p)*"- 


So, to evaluate (a/p) for any integer a not divisible by the odd prime p, it 
suffices to be able to calculate (—1/p), (2/p) and (p;/p) for any odd prime 
pi # p. We have already dealt with (—1/p) in property (e) of Theorem 2.1. 
Evaluation of the general (p;/p) will be postponed until we have the Law of 
Quadratic Reciprocity at our disposal. However, Gauss’ Lemma will resolve 
the (2/p) problem for us. 


Theorem 3.2 The quadratic character of 2 
If p is an odd prime then 


1, ifp=1 (mod 8) or p=7 (mod 8), 
if p = 3 (mod 8) or p=5 (mod 8). 


em=f i 


Proof of Theorem 3.2 


To bring Gauss’ Lemma to bear we observe that (2/p) = (—1)”, where n is 
the number of integers in the set 


s={2x1, 2x2,2x3,..., 2x Pos} 


oe | 


which have least positive residue modulo p exceeding = The integers in S 


= {2,4,6,... 


are, as they stand, least positive residues of p and so our task is to count 
how many of them exceed z 


A 
2 
of 2 do not exceed = where int(z) denotes the integer part of x; that is, the 


Now 2k > £ if, and only if, k > a It follows that the first int (7) multiples 


largest integer which does not exceed z. 


The remaining multiples do exceed A So 


n= P= -int(2). 


There are four cases to consider corresponding to the four possible 
congruence classes modulo 8 of the odd prime p: 


(i) p= 8k +1 = n = 4k — int (2k + }) = 4k — 2k = 2k; 

(ii) p = 8k +3 = n = 4k +1 — int (2k + 3) = 4k +1 — 2k = 2k + 1; 

(iii) p = 8k + 5 = n = 4k + 2 — int (2k + Š) = 4k + 2 — (2k + 1) = 2k + 1; 
(iv) p = 8k +7 = n = 4k +3 — int (2k + 2) = 4k +3 — (2k + 1) = 2k + 2. 


In cases (i) and (iv), n is even and so (2/p) = 1. In cases (ii) and (iii), n is 
odd and so (2/p) = —1. 


Problem 3.2 

Write down the values of the following Legendre symbols. 
(a) (2/29) (b) (2/31) (e) (2/43) 
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As —1 = p — 1 (mod p) we can do 
without (—1/p), however, using it 
is often a more efficient way to 


proceed. 


The result can be expressed in 
either of the alternative forms 
bi 1, ifp=+1 (mod 8), 
(2/p) = i -1, if p= +3 (mod 8), 


or (2/p) = (—1)®"-*/8, 


Problem 3.3 
Adapt the proof of Theorem 3.2 to show that 


(-2/p) = 1, if p=1 (mod 8) or p=3 (mod 8), 
P} =) -1, if p=5 (mod 8) or p=7 (mod 8). 


Problem 3.4 

Check the result of Problem 3.3 by confirming that 
(—2/p) = (—1/p)(2/p) 

holds. 


The result of Theorem 3.2 provides us with a neat proof of Theorem 2.2 of 
Unit 5. The result in question concerned the Mersenne numbers 
Mi= 2" — 1. 


Theorem 3.3 (Theorem 2.2 of Unit 5) This result was stated without 
proof in Unit 5. 


If p and 2p + 1 are both primes, where p = 3 (mod 4) then 2p + 1 
divides M,. 


Proof of Theorem 3.3 


Let q be the prime 2p + 1. From p = 4k + 3 we have 2p + 1 = 8k + 7 and so 
q =7 (mod 8). Now Theorem 3.2 gives (2/q) = 1, so that 2 is a quadratic 
residue of q. Euler’s Criterion gives 2(7-))/? = (2/q) (mod q), and putting 
the two together gives 2173/2 = 1 (mod q). That is, q divides 2979/2 — 1 
which, when q is replaced by 2p + 1, says that 2p + 1 divides Mp, as 
claimed. is 


As we saw in Unit 5 this result shows that M11, M23, Mg3 and numerous 
other Mersenne numbers are composite. It remains an unsolved problem 
whether the list we have begun here extends infinitely; that is, it is not 
known whether there are infinitely many primes p of the form 4k + 3 for 
which 2p + 1 is also prime. 


3.3 More cases of Dirichlet’s Theorem 


In Unit 2 we mentioned, without proof, Dirichlet’s Theorem which asserts 
that, for relatively prime positive integers a and b, there are infinitely many 
primes of the form ak +b. We proved some special instances of this result 
including the infinitude of primes of the form 4k + 3. In a curious way our 
results on quadratic residues will lead to proofs of many more particular 
instances of Dirichlet’s result. As Unit 2 posed the question of whether or 
not there are infinitely many primes of the form 4k + 1, this is the obvious 
starting point for us here. 


Theorem 3.4 


There are infinitely many primes of the form 4k + 1. 


Proof of Theorem 3.4 


Aiming for a contradiction, suppose that there are only a finite number of 
primes of the form 4k + 1, say pj, po, ..., Pn- 


Let N = (2pip2...pn)? +1. As N is odd it must be divisible by some odd 
prime, say p. Then (2pip2...pn)? = —1 (mod p). As the term on the left of 
this congruence is a square we can infer that (—1/p) = 1 and then, by virtue 
of property (e) of Theorem 2.1, that p is of the form 4k + 1. The assumption 
that pı, p2, ..., Pn are the only primes of this form forces p = p;, for some i. 
But this means that p divides (2p; p2...pn)*, and coupling this fact with p 
divides N we conclude that p divides N — (2p;p2...pn)”. That is, p divides 
1, and we have the required contradiction. 


Hence there are infinitely many primes of the form 4k + 1. o 


Although we presented the proof of Theorem 3.4 as one by contradiction the 
essence of the argument was to show that from any list of primes of the form 
4k + 1 we can always discover another prime of the same form. From the list 
P1, P2, --+, Pn We constructed (2pp2... Pn)? + 1 which has to be divisible by 
a prime of form 4k + 1 which is not one of the original list. Many special 
instances of Dirichlet’s result can be proved in more or less this way, the key 
to the proof being in finding the ‘new’ number to construct. In our next 
example we use a similar method but with an extra step like the one used 
previously in our corresponding proof that there are infinitely many primes 
of the form 4k + 3. 


Theorem 3.5 


Integers of the form 8k — 1 are 
There are infinitely many primes of the form 8k — 1. equally well expressed as integers 
of the form 8k + 7 


Proof of Theorem 3.5 


Suppose that there are only finitely many primes of the form 8k — 1. If there 
are only finitely many then there is a largest such prime, say P. Consider 
the integer N = 2(P!)? — 1. As P! is even, 2(P!)? is divisible by 8 and so 

N = —1 (mod 8). 


Being odd, N has an odd prime divisor. Let p be such a divisor. Then 
2(P!)? = 1 (mod p). So 


(2/p)((P!)?/p) = (1/p), 


and as (P!)? and 1 are both squares we deduce that (2/p) = 1. Bringing 
Theorem 3.2 into play, p is congruent modulo 8 to either 1 or —1. Now any 
product of integers congruent modulo 8 to 1 is itself congruent modulo 8 

to 1. As N is not of this form, at least one of its prime divisors, say q, must 
be congruent modulo 8 to —1. The assumption that the largest prime of this 
form is P tells us that q < P. But then q divides 2(P!)? and as q divides 
2(P!)? — 1, we must have q divides 1, a contradiction. 


Hence there are infinitely many primes of the form 8k — 1. T 


Problem 3.5 


Show that there are infinitely many primes of the form 8k + 3 by the 
following method. Suppose that there are only a finite number of primes of 
form 8k + 3, namely pj, p2, ..., Pn- Consider the integer 

N = (pıp2 . .. Pn)? +2. For any prime divisor p of N show that (—2/p) = 1 
and deduce that N must have a prime divisor of the form 8k + 3. Reach a 
contradiction by noting that this prime would have to be one of the original 
list pin 95, <:-, Dn- 
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4 THE LAW OF QUADRATIC 
RECIPROCITY 


4.1 Understanding the law 


This section is concerned with the Law of Quadratic Reciprocity which, for 
ease of reference, we shall abbreviate to LQR. Amongst its numerous 
applications, LQR provides us with a new method for simplifying Legendre 
symbols. However, unlike the preceding methods, LQR is simple to employ 
even when the integers in question are large. 


Before we confront the difficult task of proving LQR we shall begin by 
illustrating the implications of the result through some simple examples. 


Theorem 4.1 The Law of Quadratic Reciprocity 


If p and q are distinct odd primes then 
(p/q)(q/p) = (-@-VE-V/A, 


This bland statement probably does not mean much to you yet. Let us hold 
fire for a moment and express the statement of LQR in a slightly different 
way to clarify just what it entails. Look at the expression (EEEN 
and suppose that p = 1 (mod 4). In this case p — 1 is divisible by 4 and, 
(p—1)(q— 1) 
4 

(—1)®-)G-D/4 = 1. Similarly if q = 1 (mod 4) then (—1)®-D@-D/4 = 1. 
On the other hand, if p = q = 3 (mod 4) then p — 1 and q — 1 are each equal 


—1)(q=1 
to twice an odd integer and so a 


(—1)-Y)(a-))/4 — —1. The statement of LQR can now be given in the 
alternative form: 


since q — 1 is also even, is an even integer. Therefore 


is odd. In this case 


ie 1, ifeither p =1 (mod 4) or q=1 (mod 4), 
olda = 4 T if p = q = 3 (mod 4). 


But we can take this a step further. As (p/q) and (q/p) are each equal to 
either 1 or —1, their product (p/q)(q/p) will be equal to 1 precisely when 
(p/q) = (q/p) and will be equal to —1 precisely when (p/q) = —(q/p). We 
therefore have the following way of stating LQR which will prove to be a 
more useful way of looking at it in many practical situations. 


Theorem 4.2 An alternative formulation of LQR 


If p and q are distinct odd primes then 


(a/p), if either p=1 (mod4) or q=1 (mod 4), 
aner an Ep2 Gai) : = 


LQR provides the missing link in the processes required to evaluate any 
Legendre symbol (a/p), where a is an integer not divisible by the odd prime 
p. We have seen that it is sufficient to be able to evaluate (—1/p), (2/p) and 
(q/p), for any odd prime q # p. We have found simple formulae for (—1/p) 
and (2/p). LQR now provides the means of determining (q/p). We shall 
illustrate the method by an example. 


21 


Example 4.1 
Is 31 a quadratic residue of 73? 


We need to evaluate the Legendre symbol (31/73). 


(31/73) = (73/31), by LQR, noting that 73 = 1 (mod 4), 
= (11/31), since 73 = 11 (mod 31), 
= (—1)(31/11), by LQR, noting that 11 = 31 = 3 (mod 4), 
= (—1)(9/11), since 31 = 9 (mod 11), 
=-l, | since 9 is a square. 


So 31 is not a quadratic residue of 73. 4 


The underlying process illustrated in this example is that the evaluation of 
any Legendre symbol is achieved by replacing it by a product of one or more 
simpler Legendre symbols, simpler in the sense that the integers involved in 
the symbol are smaller. LQR is needed to simplify the Legendre symbol 
(p/q), where p < q, by replacing it with either (¢/p) or (—1)(q/p), whichever 
is the case. As p < q, the symbol (q/p) can then be simplified by, for 
example, replacing q by its least positive residue modulo p (which is allowed 
by property (a) of Theorem 2.1). As the integers are repeatedly reduced, a 
stage will be reached when the value of the Legendre symbol is known. 


The next example is similar, but involves a larger prime, 229. We have 
illustrated the breakdown into ‘smaller’ Legendre symbols schematically. 


Example 4.2 
Determine the Legendre symbol (—134/229). 


(—134/229) 


[ax 


(—1/229) S (2/229) x (67/229) 


[ax | 3.2 | LQR 


1 x (-1) x (229/67) 


fare 


(28/67) 


pa 


(4/67) x (7/67) 


pa a 


1 x (—1) x (67/7) 
Jase 
(4/7) 
fp 
1 
So (—134/229) = 1 x (—1) x 1 x (-1) x 1=1. + 


Problem 4.1 
Determine the following Legendre symbols. 
(a) (—219/383) (b) (461/773) 
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The integers 383, 461 and 773 are 
primes. 


[EO GS es 

Explain each of the steps in the following evaluation of the Legendre symbol 

(164/197). 
(164/197) = (4/197)(41/197) 

= (41/197) 

= (197/41) 

= (74/41) 

= (2/41)(37/41) 


Problem 4.3 
The following evaluation of (60/79) contains a number of errors involving 
misuse of LQR and properties of the Legendre symbol. Identify the errors. 
(60/79) = (—19/79), since 60 = —19 (mod 79), 
= (-1)(19/79), since — 19 = (-1) x 19, 
~1)(79/19), by LQR, 
—1)(60/19), since 79 = 60 (mod 19), 
—1)(4/19)(15/19), since 60 = 4 x 15, 


1)(15/19), since 4 is a square, 

1)(—1)(19/15), by LQR, noting that 15 = 19 = 3 (mod 4), 
4/15), since 19 = 4 (mod 15), 
1, since 4 is a square. 


( 
( 
( 
( 
( 
( 
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4.2 Proof of LOR 


Since the first proof, given by Gauss, over 100 further proofs have been 
published. None of them is short and snappy! The one that we have opted 
to give here was discovered by one of Gauss’ students, Ferdinand Eisenstein 
and, like many of the published proofs, builds on Gauss’ Lemma. The proof 
is really in two distinct parts, the first of which establishes the link between 
LQR and Gauss’ Lemma. To make the proof easier to understand we shall 
establish the first part as a separate result. 


Theorem 4.3 


Let p be an odd prime and a an odd integer not divisible by p. Then 


(a/p) = (-1)*”), 


where 


e (p—1)/2 A 
ala,p) = int( =) 3 
(ap) = >_ ; 


k=1 


To clarify the statement of the theorem take the case a = 5 and p = 13. 
13 — 


1 
Then a(5,13) comprises the sum of = 6 terms: 


(5, 13) = int : + int Ba + int = + int = + int = + int = 

i a oat 13 13 13 1a T 
=0+0+14+1414+2=5, 

and so, according to the theorem, (5/13) = (—1)° = —1. 
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Proof of Theorem 4.3 


Exactly as in our proof of Gauss’ Lemma, we consider the set of integers 
—1 
S= {20,34,...,? 5 a} 


and, replacing each integer by its least positive residue modulo p and listing 
the integers in ascending order, we reach 


Ss! z {b1, b2,. ° <, bm, C1, C2; oes tats 
where bm < p < cı. Now, according to the Division Algorithm, if we divide 
any ka € S by p we get 
k 
ka=p x int(“*) + remainder, 


where the remainder is one of the integers in S’. Allowing k to run from 1 to As in the proof of Gauss’ Lemma, 
the remainders which occur are 
distinct members of S’. 


S z and adding up the resulting equations we get 
(p—1)/2 (p—1) 


L u= 2 oxin (#2 2) +h Èo (*) 
In the proof of Gauss’ Lemma we went on to show that the set 


Ss" = {b1, b2, . .: ,bm, P — c1, P — C2,---, P — Cn} 


p—1 
= 4 1,2,3,..., — ?. 
{1.23 kJ ie \ 


Adding the integers in this set gives 


(p—1)/2 


2 k= yn +Le-e =J btp- c. 
i=1 j=1 


Subtracting this equation from (*) gives 


(p—1)/2 (p—1)/2 (p—1)/2 


perp px int (£ r) +2 oem 


That is, 


(p—1)/2 


(a —1) D7? k =p x a(a,p) +2 oem 


Finally we write this equation modulo 2, noting that each of the terms still 
involving summation is even (since a is odd): 
pa(a,p) — pn = 0 (mod 2). 


Since p is odd this amounts to a(a,p) =n (mod 2). From the conclusion of 
Gauss’ Lemma that (a/p) = (—1)" we have reached (a/p) = (—1)*(%?), as 
claimed. 5 


With this result at our disposal it is just a short step to completion of the 
proof of LQR. 


Proof of LQR 


For the given odd primes p and q, consider the rectangle in the ry-plane 


which has vertices at (0,0), (2.0), (È, >) and (0, 5): The number of 
lattice points inside this rectangle is a 2 3 


from (0,0) to (È, 3), which has equation y = 47. Inside the rectangle there 
P 


x 


. Consider the diagonal Lattice points are points (a, b), 
where each of a and b is an integer. 
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are no lattice points on this diagonal, because if (a,b) is a lattice point on 
this diagonal then b = oe. But as p and q are distinct primes, this implies 


that p divides a and q divides b, which forces (a,b) outside the rectangle. 


Figure 4.1 


Denote by A and B the triangular regions inside the rectangle which lie 
respectively above and below the diagonal. For integer k with 0 < k < E the 
number of lattice points in B lying directly above the point (k, 0) on the 


x-axis is int( 4x), Hence the total number of lattice points in B is 
p 


(p—1)/2 q 
L m(t), 
Pp 


k=1 


which is a(q,p). In the same way, by counting the lattice points to the right 
of (0,k), the total number of lattice points in A is a(p,q). Now the number 
of lattice points in A added to the number of lattice points in B is the total 
number of lattice points in the rectangle which is 


por a) ee 


2 2 4 
Hence, from the two ways of counting the number of lattice points 
p—1X¢—1) 
a(p,q) + a(q, p) = a». 


The argument is symmetrical with 
the roles of p and q interchanged. 


The equality of the two counts uses 
the fact that there are no points on 
the diagonal. 
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So, in terms of Legendre symbols, by Theorem 4.3, 
(p/q)(q/p) = (—1)%® x (—1) 2%?) 
= (—1)*9+e(a0) 
= EN 


which is LQR. a 


PRES SARA E E R TR ESE EE E 2 RRR 
Diversion 
Farey Lights 


For any positive integer N, arrange in ascending order all the rational numbers 
strictly between 0 and 1 whose denominators do not exceed N. For example, for 
N = 7 we have 
i alee a e T oo E N a SS een. 
7? 6? Ba’ 7 8 5 7D 7 BB? 7 0 
Such a sequence is called a Farey sequence, after a nineteenth century mineralogist 
John Farey who worked with them. 


? 


NID 


hie 
5° 6 


Notice the following. 


(a) For any adjacent pair of terms and 5 we have bc — ad = 1. 


A & c e È ate 
b) For any three successive terms —, — and — we have — = 
(b) y ie a: d b+f 
latter fraction may not be in its lowest terms). 


(although the 


How many terms are in the Farey sequence for N? 


4.3 Applications of LOR 


To consolidate your appreciation of LQR let us round off the section with 
some more examples using it. We started this unit with a question on the 
solvability or otherwise of a given quadratic congruence. Let us return to 
that theme. 


Example 4.3 


Does the congruence 32? — 8x — 5 = 0 (mod 139) have any solutions? 139 is prime. 
The discriminant of the quadratic is 
(-8)? — 4 x 3 x (—5) = 124, 
so the question boils down to the determination of the Legendre symbol 
(124/139). In what follows we use, in addition to LQR, the various Legendre 
symbol properties of Theorem 2.1. In the explanation of the steps we 
highlight the property being used, rather than refer to which one it is. 
(124/139) = (4/139)(31/139), using 124 = 4 x 31, 
= 1x (31/139), since 4 = 2?, 
= (—1)(139/31), by LQR, since 31 = 139 = 3 (mod 4), 
(—1)(15/31), since 139 = 15 (mod 31), 
(—1)(3/31)(5/31), using 15 = 3 x 5, 
(—1)(—1)(31/3)(5/31), by LQR, since 31 = 3 (mod 4), 
= (31/3)(31/5), by LQR, since 5 = 1 (mod 4), 
= (1/3)(31/5), since 31 = 1 (mod 3), 
= (1/3)(1/5), since 31 = 1 (mod 5), 
= 


II 


The congruence does have solutions. 4 
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Problem 4.4 

For each of the following congruences decide whether or not it has any 
solutions. 

(a) 32? + 6x + 5 = 0 (mod 89) 

(b) 2x? + 5a — 9 = 0 (mod 11 x 101) 


Which primes p > 5 have 3 as a quadratic residue? In terms of the Legendre 
symbol we are asking: which primes p satisfy (3/p) = 1? LQR gives us a 
start in tackling this one. Since 3 = 3 (mod 4), the result of applying LQR 
to (3/p) depends on the value of p modulo 4: 


=. (p/3), if p=1 (mod 4), 
ip) = { CGS, fps dues. 
Now the least positive residue of p modulo 3 is either 1 (which is a square) 
or 2 (which is not), so: 
= 1, if p=1 (mod 3), 
BIS) = { —1, if p=2 (mod 3). 


The two parts need to be combined to obtain the value of (3/p), and for that 
we need to consider values of p to both modulus 3 and modulus 4; so we 
look at cases modulo 12. For example, if p = 7 (mod 12) then we have 
p =3 (mod 4) and p= 1 (mod 3). Therefore 

(3/p) = (—1)(p/3) and (p/3) =1 
which combine to give (3/p) = —1. 
There are, in all, four possible values modulo 12 which a prime (greater 


than 3) can take, namely p = 1,5,7 or 11 (mod 12). The value of (3/p) in 
each case is as determined in the table below. 


p (mod 3) (p/3) p (mod 4) (3/p) 


p = 1 (mod 12) 1 1 i 1 
p =5 (mod 12) 2 —1 1 —1 
p = 7 (mod 12) 1 1 3 —1 
p = 11 (mod 12) 2 —1 3 1 


We can summarize these findings as follows. 


Theorem 4.4 The quadratic character of 3 
If p > 3 is prime then 
1, if p=+1 (mod 12), 


(3/p) = { —1, ifp=+5 (mod 12). 


Problem 4.5 
For which primes p > 3 is (6/p) = 1? 


a E RESENS ee ee 
Prove that, for prime p > 3, (—3/p) = 1 if, and only if, p = 1 (mod 6). Use 
this to prove that there are infinitely many primes of the form 6k + 1 by 
considering the integer (2pıp2 .. . Pn)? +3, where p1, po, ..., Pn are assumed 
to be the only primes of the form 6k + 1. 
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We have achieved the main goal of this unit. Given any quadratic 
congruence with prime modulus we can decide whether or not it has 
solutions. Moreover part (b) of Problem 4.4 illustrates a fruitful line of 
approach for similar problems where the modulus is a product of distinct 
primes. As far as general composite moduli are concerned there is one idea 
of particular interest in our present situation which merits mention. The 
Legendre symbol can be generalized in a simple way. 


Definition 4.1 The Jacobi symbol 


Let m and n be integers, with n odd, n > 3 and ged(m,n) = 1. Writing 
n = pı p2 `` Pr as a product of (not necessarily distinct) primes, then 
the Jacobi symbol (m/n) is defined by 


(m/n) = (m/pi)(m/pa) -..(m/Pr), 


where the symbols on the right-hand side are Legendre symbols. 


So, for example, 
(14/275) = (14/5)(14/5)(14/11) = (4/5)(4/5)(3/11) =1x1x1=1. 


From our knowledge of Legendre symbols there is little remaining challenge 
in evaluating Jacobi symbols. But what does the Jacobi symbol represent? 
It would be nice if, for odd relatively prime integers m and n we had 
(m/n) = 1 if, and only if, m is a non-zero square modulo n. Unfortunately 
this is not true. For example, 5 is not a square modulo 9, but 


(5/9) = (8/3)(5/3) = (2/3)(2/3) = (-1)(-1) = 1. 


But all is not lost because it is true that if (m/n) = —1 then m is not a 
square modulo n. To see this, suppose that (m/n) = —1. Then in the 
expression of (m/n) as a product of Legendre symbols there is (at least) one 
prime divisor p of n for which (m/p) = —1. That is, m is not a square 
modulo p. It follows that m cannot be a square modulo n. 


The Jacobi symbol (m/n) is a generalization of the Legendre symbol in that 
the two notions coincide when n is prime. In fact, almost all the properties 
we have seen for the Legendre symbol do generalize. In particular the 
following all hold true; we state them without proof. 


If m and n are odd integers both exceeding 1 with gcd(m,n) = 1, then: 
(a) (—1/n) = (—1)"-/?, Buler’s Criterion; 

(b) (2/n) = (—1)"-9/8, Theorem 3.2; 

(c) (m/n)(n/m) = (-1)™"VO-V/4, LAR. 


ADDITIONAL EXERCISES 


Section 1 


1 Solve the following congruences. 
(a) 2x? + 42 +1 = 0 (mod 7) 
(b) 3a? + 2 —3 = 0 (mod 11) 


2 For which integers c does the congruence 2x” — 5x + c = 0 (mod 13) 
have solutions? Solve the congruence for the case c = 1. 
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By Theorem 4.4, (3/11) = 1. 


We talk about ‘squares’ rather 
than quadratic residues because 
the latter are defined only for 
prime modulus. 


If £? = m (mod n) then 
x” =m (mod d) for any divisor d 
of n. 


The quadratic residues of 13 are 
found in Example 1.3. 


Use Euler’s Criterion to determine whether or not 3 is a quadratic 
residue of the following primes. 


(a) 23 (b) 29 


Quadratic residues can be defined for composite n > 2 by analogy with 
the prime case. Each integer a satisfying gcd(a, n) = 1 is either a 
quadratic residue or non-residue of n depending on whether or not the 
congruence x? = a (mod n) has solutions. 

Prove that if a is a quadratic residue of n then a®™)/? = 1 (mod n). 
Show that the converse of this result is false by exhibiting relatively 
prime integers a and n for which a?")/? = 1 (mod n) but for which 

x? =a (mod n) has no solutions. 


Section 2 


1 


Making use of properties of Theorem 2.1, determine whether or not the 
following congruences have solutions. 


(a) z? + 82 + 4 = 0 (mod 13) 
(b) x? + 7x +9 = 0 (mod 23) 


Evaluate the following Legendre symbols. 
(a) (18/19) (b) (45/19) (c) (2/19) 


Confirm that (—1/29) = 1 and hence that +1, +4, +9, and +16 are 
quadratic residues of 29. Determine the remaining quadratic residues 
of 29. 


If p is an odd prime and gcd(a, p) = 1 deduce, using Euler’s Criterion 
and Wilson’s Theorem, that 


(p- 1)! = —(a/p)a® -9/2 (mod p). 


Section 3 


1 


Use Gauss’ Lemma to determine the following Legendre symbols. 


(a) (3/13) (b) (5/17) 


Show that 2 is a quadratic residue of: 

(a) every prime of the form 4” + 1, for n > 1; 

(b) every Mersenne prime Mp = 2? — 1, except M2 = 3; 
(c) every Fermat prime F, = 2?" +1, for n > 1. 


For each of these primes decide whether or not —2 is a quadratic 
residue. 


Show that there are infinitely many primes of the form 8k + 5 in the 
following way. Suppose that p1, p2,...,Pn are the only primes of this 
form and reach a contradiction by considering the integer 


N =4(pip2..-Pn)? +1. 


Section 4 


1 


Evaluate the following Legendre symbols. 
(a) (35/71) (b) (139/149) (c) (1234/4567) 


Remember that ¢(n) is even for 


n > 2 and so $(n)/2 is an integer. 


The integers 139, 149 and 4567 are 


all primes. 
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2 Which of the following congruences have solutions? 
(a) 32? +z- 7 = 0 (mod 17) 
(b) 22? +x +1 = 0 (mod 29) 
(c) 22? + 32 — 7 =0 (mod 101) 
3 (a) If p and q = 10p + 3 are odd primes, show that (p/q) = (3/p). 
(b) If p and q = 10p + 1 are odd primes show that (p/q) = (—1/p). 


4 Show that 4” = 4 (mod 12) for all integers n > 1. Use this result and 
Theorem 4.4 to show that 3 is a quadratic non-residue of each of the 
primes given in parts (a), (b) and (c) of Additional Exercise 2 of 
Section 3 above. 


5 For which odd primes p # 7 does (7/p) = 1? 


6 If p and q are distinct odd primes prove that (—p/q) = (—q/p) if, and 
only if, p = q = 1 (mod 4). 


Challenge Problems 


1 Show that the product of the quadratic residues of an odd prime p is 
congruent modulo p to —1 when p is of the form 4k + 1 and to 1 when p 
is of the form 4k + 3. 


2 Prove that there are infinitely many primes of the form 5k + 4. 


3 For any prime p > 5, prove that there are two consecutive integers 
which are both quadratic residues of p and two consecutive integers 
which are both quadratic non-residues of p. 


4 Evaluate, for p an odd prime, 


(1 x 2/p) + (2 x 3/p) +--- + ((p— 2) x (p—1)/p). 


SOLUTIONS TO THE PROBLEMS 


Solution 1.1 
(a) Multiplying through by 20: 
100x? + 1402 + 20 = 0 (mod 13), 
and completing the square: 
(10a + 7)? — 29 = 0 (mod 13). 
That is, 
(102 + 7)? = 29 = 16 (mod 13). 


As 16 = (+4)?, the required solutions are obtained by solving 
10x + 7 = +4 (mod 13). These are 


x=1(mod 13) and zs =8 (mod 13). 
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Solutions to the Problems 


(b) Multiplying through by 4: 

4x? + 42 + 4=0 (mod 5), 

and completing the square: 
(2x + 1)? +3 =0 (mod 5). 

Adding 2 to both sides gives 
(22 + 1)? =2 (mod 5). 

But the squares modulo 5 are 0, 1 and 4, and so the congruence 
y =2 (mod 5), 


has no solutions, and therefore the original congruence in x has no 
solutions. 


~ 
(g 
No 


Multiplying through by 4 and completing the square: 
(2x + 3)? + 7 =0 (mod 7). 

That is, 
(2x + 3)? = 0 (mod 7). 

So this has a unique solution which satisfies 
2x +3 =0 (mod 7), 

namely x = 2 (mod 7). 

Solution 1.2 

Working modulo 13: 

PHAF at Saif S68 Fer =s 

4 =9 =3; 5° =8?=12; 6 =77=10. 


The quadratic residues of 13 are therefore 1, 3, 4, 9, 10 and 12, and the 
non-residues, 2, 5, 6, 7, 8 and 11. 


The congruence x? + x — c= 0 (mod 13) has two solutions when its 
discriminant, 1 + 4c, is a quadratic residue of 13, and has a unique solution 
when the discriminant is congruent to 0. 
1+4c=0 (mod 13) += c=3 (mod 13 
1+4c=1 (mod 13) = c= 0 (mod 13 
1+ 4c =3 (mod 13) <=> c=7 (mod 13 
1+ 4c=4 (mod 13) = > c=4 (mod 13 
) 
) 


Sew “NG, Nea Nec 


1+4c=9 (mod 13) <— > c=2 (mod 13) 
1+ 4c = 10 (mod 13) 4= c=12 (mod 13) 
1+ 4c = 12 (mod 13) <= c=6 (mod 13) 


So the congruence has solutions when c = 0, 2,3,4,6,7 or 12 (mod 13). 


Solution 1.3 


According to Euler’s Criterion, 5 is a quadratic residue of prime p if, and 
only if, 5°°-))/2 = 1 (mod p). 


501-D/2 — 5° = 95 x 25 x5=3x3x5=45 =1 (mod 11) 
507-1)/2 — 58 = Vy =s=6F = (4h =~ (mod 17) 
519-1)/2 — 59 = 5 x (5*)* =5 x 6* =5 x (—2)? =1 (mod 19) 


So 5 is a quadratic residue of 11 and 19 but is a quadratic non-residue of 17. 
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Solutions to the Problems 


Solution 1.4 


(a) Since, being a square, x“ is a quadratic residue of p, the table informs us 
that a and b must be of the same quadratic character. That is, a is a 
quadratic residue of p if, and only if, b is a quadratic residue of p. 


2 


(b) If —1 is a quadratic residue of p then, according to Euler’s Criterion, 
(—1)®-)/? = 1 and so ee 


is an even integer. That is, p = 1 (mod 4). 


(c) Since p — a = —a = (—1)a (mod p), a and p— a will be of the same 
quadratic character when —1 is a quadratic residue of p. Hence p — a 
will also be a quadratic residue precisely when p = 1 (mod 4). 


Solution 2.1 

(30/11) = (8/11), by property (a), 
= (2/11)(4/11), by property (c), 
= (2/11), by property (b), 
= (—9/11), by property (a), 
= (-1/11)(9/11), by property (c), 
= (—1/11), by property (b), 
= —1, by property (e). 


Solution 2.2 


(a) (3/11) = (3/11)(27/11), since (27/11) = 1 by property (b), 


= (3 x 2?/11), by property (c), 
= (12/11) 
(1/11), by property (a), 


, by property (b). 


1 
(36/17), by property (a), 
1, by property (b), since 36 = 6°. 


(b) (2/17) 


(c) (40/11) = (10/11)(4/11), 


by property (c), 


= (10/11), by property (b), 
= (—1/11), by property (a), 
= —1, by property (e). 


Solution 2.3 


For the first part, the essential task is to show that (2/31) = 1. There are 
various ways of achieving this, such as to appeal to Euler’s Criterion and 
show that 2!5 = 1 (mod 31). Simpler, if you spot it, is to capitalize on the 
observation that 2 = 64 (mod 31) and so (2/31) = (64/31) = 1, since 

64 = 8°. Then 


(2a/31) = (2/31)(a/31) = (a/31), 
as required. 


To make use of this result, take any quadratic residue of 31 and repeatedly 
double, finding further quadratic residues. For example, starting from 1: 


1, 2, 4, 8, and 16 are quadratic residues. 
Starting from 9 = 3? we have further quadratic residues: 
9, 18, 36 = 5, 10, and 20. 
Starting from 25 = 5? completes the list: 
25, 50 = 19, 38 = 7, 14 and 28. 
As 31 is known to have fifteen quadratic residues, we have found them all: 


1,2,4,5,7,8,9, 10, 14, 16, 18, 19, 20, 25 and 28. 
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Alternatively by property (d). 


Alternatively using property (d) of 
Theorem 2.1. 


Solution 3.1 
(a) To evaluate (7/13) we first form the set S consisting of the first 
13— 


1 
ra 6 multiples of 7: 


S = {7, 14, 21, 28, 35, 42}, 


and convert to S’ by replacing each integer by its least positive residue 
modulo 13: 


S’ = {7,1,8,2,9,3}. 
i 13 
The three underlined members exceed ro and so 
(7/13) ={(—1)? = -1. 
Repeating for (11/23): 


S = {11, 22, 33, 44, 55, 66, 77, 88, 99, 110, 121}; 
S’ = {11, 22, 10, 21, 9, 20, 8, 19, 7, 18, 6}. 


=_~ 
jog 
as 


The five underlined members of S’ exceed a and so 


(11/23) = (—1)® = -1. 


~ 
QO 
wm 


Finally for (5/29), the first fourteen positive multiples of 5 give, 
modulo 29, the set 


Ss = {5, 10, 15, 20, 25, 1, 6, 11, 16, 21, 26, 2,7, 12}, 
29 
which has the six underlined members exceeding Si and so 
(5/29) = (-1)f = 1. 


Solution 3.2 

(a) (2/29) = —1, since 29 = 5 (mod 8). 
(b) (2/31)=1, since 31 = 7 (mod 8). 
(c) (2/43) = —1, since 43 = 3 (mod 8). 


Solution 3.3 
By Gauss’ Lemma, (—2/p) = (—1)”, where n is the number of integers in 
the set S = {—2, —4, -6,...,-—2k,..., —(p — 1)} which have least positive 
residue exceeding Ki The least positive residue modulo p of each of the 
integers in S is obtained by adding p, giving 

S’ = {1,3,...,p— 2k,...,p— 4,p — 2}. 


Now p — 2k > E if, and only if, k < = and therefore n = int (3). Looking 
at the four possible congruence classes of p modulo 8: 

p=8k+1 => n= int (2k + 4) = 2k; 

p=8k+3 => n= int (2k + 3) = 2k; 

p=8k+5 => n= int (2k+ 8) =2k+1; 

p=8k+7 => n= int (2k+7) =2k+1. 


Now when n is even (—2/p) = 1, and this occurs when p = 1 or 3 (mod 8). 
When n is odd (—2/p) = —1, and this occurs when p = 5 or 7 (mod 8). 


Solutions to the Problems 


It is quite possible to go direct to 
the set S’, by-passing S, by 
starting with 7 and writing down 
six integers getting from one to the 
next by adding 7 modulo 13. 
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Solutions to the Problems 


Solution 3.4 


To make use of (—2/p) = (—1/p)(2/p) we look at the four cases for 


p modulo 8, and multiply the value of (—1/p), obtained from property (e) of 


Theorem 2.1, by the value of (2/p), obtained from from Theorem 3.2. 
p =1 (mod 8) => (-1/p)=1 and (2/p)=1, so (—2/p)=1 


p =3 (mod 8) => (-1/p)=-1 and (2/p)=-—1, so (—2/p)=1 
=5 (mod 8) => (-1/p)=1 and (2/p)=-—1, so (—2/p)=— 
p=7 (mod 8) => (-1/p)=-1 and (2/p)=1, so (—2/p) =— 


This agrees with the result of Problem 3.3. 


Solution 3.5 


Suppose that pı, p2,...,Pn are the only primes of form 8k + 3, and let 

N = (pip2.--Pn)? +2. Since, for each 1 < i < n, p? = 1 (mod 8), we note 
that N = 3 (mod 8). Now if p is any prime divisor of the odd integer N we 
have (pıp2... Pn)? = —2 (mod p) and so, as the left-hand side is a square, 
(—2/p) =1. The result of Problem 3.3 confirms that p is congruent 
modulo 8 either to 1 or to 3. 


At this point we can invoke the argument seen in the proof of Theorem 3.5. 


If all the prime divisors of N are congruent modulo 8 to 1 then so too is N 
itself. But N is not congruent modulo 8 to 1 and so it must have at least 


one prime divisor, say q, which is congruent modulo 8 to 3. This means that 


q must be one of the listed primes p;. But then, q divides N and q divides 
(pip2...Pn)? which leads to the contradiction that q divides 2. 


Hence there are infinitely many primes of the form 8k + 3. 


Solution 4.1 


(a) There are many possible sequences of steps, of which this is one. We 
have given an explanation of each step rather than a reference to the 
result being used. 


We have seen that the square of 
any odd integer, prime or 
composite, is congruent modulo 8 
to 1. 


(—219/383) = (—1/383)(3/383)(73/383), since — 219 = (—1) x 3x 73, 

= (—1)(3/383)(73/383), since 383 = 3 (mod 4), 

= (—1)(—1)(383/3)(73/383), by LQR since 383 = 3 (mod 4), 
= (2/3)(73/383), since 383 = 2 (mod 3), 

= (—1)(73/383), since 3 = 3 (mod 8), 

= (—1)(383/73), by LQR since 73 = 1 (mod 4), 

= (—1)(18/73), since 383 = 18 (mod 73), 

= (—1)(2/73)(9/73), since 18 = 2 x 9, 

= (-1)(1)(9/73), since 73 = 1 (mod 8), 

= =e 1)(1)(1), since 9 = 3?, 

—1. 


We have consistently adopted the ‘invert and divide’ approach in this 
solution; but there are other methods. For example, the observation 
that —219 = 164 (mod 383) and 164 = 4 x 41 offers 


(—219/383) = (4/383) (41/383) = (41/383) = 


as an alternative start. 
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Solutions to the Problems 


(b) Whereas we spelled out each step in part (a), here we shall reduce the 


number of steps by processing several symbols simultaneously. 
(461/773) = (773/461), by LQR, 
= (312/461), since 773 = 312 (mod 461) , 
= (4/461)(2/461)(3/461)(13/461), since 312 = 23 x 3 x 13, 
= (1)(—1)(461/3)(461/13), since 461 = 5 (mod 8) and by LQR twice, 
)(2/3)(6/13), since 461 = 2 (mod 3) and 461 = 6 (mod 13), 
—1)(—1)(2/13)(3/13), since (2/3) = —1 and 6 = 2 x 3, 
= 1)(13/3), since 13 = 5 (mod 8) and by LQR, 
—1)(1/3), since 13 = 1 (mod 3), 


Solution 4.2 


(164/197) = (4/197)(41/197), since 164 = 4 x 41, 

= (41/197), since 4 is a square, 
= (197/41), by LOR, 
= (74/41), since 197 = 74 (mod 41), 
= (2/41)(37/41), since 74 = 2 x 37, 
= (37/41), since 41 = 1 (mod 8), 

= (41/37), by LQR , 

= (4/37), since 41 = 4 (mod 37), 

=1, since 4 is a square. 


Solution 4.3 


There are three major mistakes in the argument. 


il 


The step which replaces (—19/79) by (—1)(19/79) turns out to be 
correct but is handling the minus sign incorrectly. It should read 
(—19/79) = (—1/79)(19/79). However, it happens that (—1/79) = — 
since 79 = 3 (mod 4), so the misuse has not resulted in a wrong value 
being carried forward. 


The first application of LQR is wrong. As 19 = 79 = 3 (mod 4), LQR 
gives (19/79) = (—1)(79/19). 

The second application of LQR is also wrong. As 15 is not a prime, LQR 
cannot be applied to Legendre symbol (15/19). The correct continuation 
here would be (15/19) = (3/19)(5/19). This mistake is compounded in 
the next line too, where the symbol (19/15) is manipulated. As 15 is not 
prime this is not a legitimate Legendre symbol. 


Solution 4.4 
(a) The quadratic congruence 3x? + 6x + 5 = 0 (mod 89) is solvable 


provided 6? — 4 x 3 x 5 = —24 is a quadratic residue of the prime 89. 
(—24/89) = (65/89) 
= (5/89)(13/89) 
= (89/5)(89/13) 
= (4/5)(11/13) 
= (1)(13/11) 
= (2/11) 
=-1. 


The congruence has no solutions. 
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Solutions to the Problems 


(b) The quadratic congruence 2x? + 5x — 9 = 0 (mod 11 x 101) has 
solutions if, and only if, each of the congruences 
2x? + 52 — 9 = 0 (mod 11) and 2z? + 5x — 9 = 0 (mod 101) are solvable. 
This will be the case if 5? — 4 x 2 x (—9) = 97 is a quadratic residue of 
both 11 and 101. 


(97/11) = (9/11) = (37/11) =1 
(97/101) = (101/97) = (4/97) = (2/97) =1 


Hence the congruence does have solutions. 


Solution 4.5 

We make use of the property (6/p) = (2/p)(3/p) and the established facts 
(2/p) =1 if, and only if, p = +1 (mod 8); 
(3/p) =1. if, and only if, p = +1 (mod 12). 


To cater for modulo 8 and modulo 12 we shall need to consider the possible 
values of p modulo 24, which (since p > 3) are 1, 5, 7, 11, 13, 17, 19 and 23. 
p =1 (mod 24) => (2/p)=1 and (3/p)=1, so (6/p)=1 

p =5 (mod 24) => (2/p)=-1 and (3/p)=-1, so (6/p)=1 

p=T (mod 24) => (2/p)=1 and (3/p)=-—1, so (6/p) = —1 

p = 11 (mod 24) => (2/p)=-1 and (3/p)=1, so (6/p) =—1 

p = 13 (mod 24) => (2/p)=-1 and (3/p)=1, so (6/p)=—-1 

p = 17 (mod 24) => (2/p)=1 and (3/p)=-1, so (6/p) =—-1 

p = 19 (mod 24) => (2/p)=-1 and (3/p)=-1, so (6/p)=1 

p = 23 (mod 24) => (2/p)=1 and (3/p)=1, so (6/p)=1 


So (6/p) = 1 when p = 1, 5, 19 or 23 (mod 24). 


Solution 4.6 
We shall use the property (—3/p) = (—1/p)(3/p) and the established facts 

(—1/p) = 1 if, and only if, p = 1 (mod 4); 

(3/p) = 1 if, and only if, p = +1 (mod 12). 
We need to consider possible values of p modulo 12 which, since p > 3, are 1, 
5, 7 and 11. 
p =1 (mod 12) => (-1/p)=1 and (3/p)=1, so (-3/p)=1 
p = 5 (mod 12) => (-1/p)=1 and (3/p)=—-1, so (—3/p)=-1 
p=7 (mod 12) => (—1/p)=-1 and (3/p)=-1, so (—3/p)=1 
p=11 (mod 12) => (-1/p)=—-1 and (3/p)=1, so (—3/p) =-1 
So (—3/p) = 1 when p = 1 or 7 (mod 12) and (—3/p) = —1 when p = 5 or 
11 (mod 12).That is, 

= 1, ifp=1 (mod 6), 

ae { -1, ifp=5 (mod 6), 


as claimed. 


Now suppose that p1, po, ..., Pn are the only primes of the form 6k + 1. 
Consider N = (2pip2...pPn)? +3. As N is odd it has an odd prime divisor, 
say p. Then (2pip2... Pn)? = —3 (mod p), from which (—3/p) = 1 and the 
first part of the question gives p = 1 (mod 6). It now follows that p is one of 
the listed primes and so p is a divisor of (2p; pe... pn)”, and therefore of 

N — (2pip2...Pn)*. That is, p divides 3, and so p = 3. This contradicts the 
fact that p is of the form 6k + 1, and so the assumption made, that there are 
only finitely many primes of this form, must be false. 


Therefore there are infinitely many primes of the form 6k + 1. 
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See Section 4.3 of Unit 4. 


Note that 97 and 101 are primes. 


lcm(8, 12) = 24 


SOLUTIONS TO ADDITIONAL 
EXERCISES 


Section 1 


1 


(a) Multiplying through by 8 and completing the square, the 
congruence becomes 

(42 + 4)? — 8 =0 (mod 7), i.e. (4r +4)? = 1 (mod 7). 
This has solutions satisfying 4x + 4 = +1 (mod 7). That is, 
x = 1 (mod 7) and z = 4 (mod 7). 
Writing the congruence as 3x2? + 12x — 3 = 0 (mod 11) we can 
begin by cancelling the factor 3 to reach the equivalent congruence 
x? + 4x —1=0 (mod 11). That is, 

(a + 2)? —5 =0 (mod 11), ie. (z + 2)? = 5 = 16 (mod 11). 
Hence z + 2 = +4 (mod 11), which leads to x = 2 (mod 11) and 
x = 5 (mod 11). 


(b 


ma 


The quadratic congruence 2x? — 5a + c = 0 (mod 13) has discriminant 
25 — 8c and so the congruence has solutions when this is either a 
quadratic residue of 13 or is congruent to 0 modulo 13. Now 
25 — 8c = 5c — 1 (mod 13) and, referring to the list of quadratic 
residues of 13 established in Example 1.3, for solutions we require 
5c—1=0, 1, 3, 4, 9, 10, 12 (mod 13). 
These linear congruences have, respectively, solutions 
c= 8, 3, 6, 1, 2, 10, 0 (mod 13). 


Hence the original quadratic congruence has solutions for these values 
of c. 


Solving for the case c = 1, 
2x? — 5x + 1 = 0 (mod 13) +> 162? — 40x + 8 = 0 (mod 13) 
<=> (42 — 5)? —17 =0 (mod 13) 
<> (4z — 5)? = 4 (mod 13) 
<> 4r- 5 = +2 (mod 13). 


These linear congruences, and hence the quadratic congruence, have 
solutions x = 4 (mod 13) and x = 5 (mod 13). 


(a) 3(23-1)/2 — 311 — 97 x 27 x 27 x 9 
= 43 x 9 = (—5) x 9 = —45 = 1 (mod 23). 
So 3 is a quadratic residue of 23. 
(b) (3(29-1)/2 — 314 — 974 x 9 = (-2)4 x 9 
= 4 x 36 = 28 = —1 (mod 29). 
So 3 is a quadratic non-residue of 29. 


Suppose that n > 2, gcd(a,n) = 1 and x? =a (mod n). Then 
gcd(z?,n) = 1, from which it follows that ged(z,n) = 1, since any 
common divisor of x and n would necessarily divide x2. Now 


a?()/2 = (72) 0(")/2 = gtl) = 1 (mod n), by Euler’s Theorem. 


A counter-example to the converse is provided by case a = 3 and n = 8: 


q%(n)/2 — 36(8)/2 — 34/2 g = 4 (mod 8). 


However the only squares modulo 8 are 0, 1 and 4, and so there is no 
solution for z? = 3 (mod 8). 


You could, of course, begin by 
multiplying through by 12, but you 
should be on the look-out for 
short-cuts. 
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Section 2 
1 (a) The discriminant is 8? — 4 x 1 x 4 = 48, so our task is to determine 
the Legendre symbol (48/13). 
(48/13) = (16/13)(3/13), by property (c), 
= (3/13), by property (b), 
= (16/13), by property (a), 
=1, by property (b). 
So the congruence has solutions. 


(b) The discriminant is 7? — 4 x 1 x 9 = 13, so our task is to determine 
the Legendre symbol (13/23). 


(13/23) = (36/23), by property (a), 
=1, by property (b). 


So the congruence has solutions. 


2 (a) (18/19) = (—1/19), by property (a), 
=-1, by property (e). 
(b) (45/19) = (5/19)(9/19), by property (c), 
= (5/19), by property (b), 
= (5/19)(4/19), since (4/19) = 1 by property (b), 
= (20/19), by property (c), 
= (1/19), by property (a), 
='1. 
(c) (2/19) = (2/19)(9/19), since (9/19) = 1 by property (b), 
= (18/19), by property (c), 
=-1, from part (a) above. 


3 Since 29 = 1 (mod 4), (—1/29) = 1 by property (e) of Theorem 2.1. It 
now follows that for any quadratic residue a, 
(—a/29) = (—1/29)(a/29) =1x1=1, 


and so —a is also a quadratic residue. In particular, as the ‘squares’ 1, 
4, 9 and 16 are quadratic residues so too are —1 = 28, —4 = 25, 
—9 = 20 and —16 = 13. 


The prime 29 has fourteen quadratic residues and so we seek a further 
six. Using the fact that 20 is a quadratic residue we have 


1 = (20/29) = (4/29)(5/29) = (5/29), 
so 5, and hence —5 = 24, are quadratic residues. Similarly 
1 = (28/29) = (4/29)(7/29) = (7/29), 
so that 7 and 22 are quadratic residues. Finally 
1 = (5/29)(7/29) = (35/29) = (6/29), 
giving 6 and 23 as the missing pair. 
Collecting everything together the quadratic residues of 29 are 
1,4, 5, 6; 779,13,16, 20,22 23,24, 25.and.28: 
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The properties are those of 
Theorem 2.1. 


The observation that 


(48/13) = (9/13), by property (a), 
suggests an equally good approach. 


There are other ways, such as using 
larger squares, of finding the 
remaining quadratic residues. 


4 By property (d) of Theorem 2.1 
(a/p) = a'?~Y/? (mod p) 
and therefore 
(a/p)a'”-)/? = (a/p)(a/p) = 1 (mod p). 


Now Wilson’s Theorem gives (p — 1)! = —1 (mod p), and combining the 
two congruences we have 


(p — 1)! = —(a/p)a®-))/? (mod p). 


Section 3 


13-1 
1 (a) The set S comprises the first multiples of —3, thus 


S = {-3, —6, —9, —12, —15, —18}; 
and replacing each integer by its least positive residue modulo 13, 
S’ = {10, 7,4, 1,11, 8}. 
The four underlined members have least positive residue exceeding 
= and so (—3/13) = (—1)* = 1. 
(b) Repeating for (5/17): 


S = 45, 10 15; 3, 8, 13 16} We have gone directly to S’ by 
17 starting with 5 and moving from 
Three members of S” exceed — and so (5/17) = (—1)? = —1. one number to the next by adding 
2 5 modulo 17 until we have eight 
numbers. 


2 Using Theorem 3.2, which tells us that 2 is a quadratic residue of p if, 
and only if, p = +1 (mod 8), we aim to determine the value of each of 
the given primes modulo 8. 


(a) For n > 1, 8 divides 4” and so 4” + 1 = 1 (mod 8). 

(b) For p > 3, 8 divides 2? and so 2? — 1 = —1 (mod 8). However, for 
p = 2, Mz = 3 and hence 2 is not a quadratic residue of Mo. 

(c) For n > 1, 8 divides 2?" and so 2?” + 1 = 1 (mod 8). 

In all cases 2 is a quadratic residue of the given prime. 


From (—2/p) = (2/p)(—1/p) it follows that —2 will be a quadratic 
residue provided —1 is a quadratic residue, and this we know, from 
property (e) of Theorem 2.1, will occur exactly when p = 1 (mod 4). 
Hence we have the following results. 

(a) 4” +1 = 1 (mod 4), so —2 is a quadratic residue. 


(b) For p > 2, 2? — 1 = —1 (mod 4), so —2 is a quadratic non-residue. Notice that —2 is a quadratic 


(c) 2?" +1 =1 (mod 4), so —2 is a quadratic residue. rendue of My = 3. 
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3 Suppose that p1, po, ..., Pn are the only primes of form 8k + 5. 
Consider the integer N = 4(pıp2 . . . Pn)? + 1. We observe that as each 
p? = 25 = 1 (mod 8), N itself is of the form 8k + 5. Being odd, N has 
some odd prime divisor p, and the congruence 
4(pıp2 . - - Pn)? = —1 (mod p) 


leads to (—1/p) = 1, as the left-hand side is a square. Property (e) of 
Theorem 2.1 now gives p = 1 (mod 4); that is, p = 1 (mod 8) or 
p = 5 (mod 8). 


The rest of the argument should be familiar. If all the prime divisors 
of N are of the form 8k + 1 then so too would be N itself. This is not 
the case and hence N must have at least one prime divisor of the form 
8k + 5; that is, N is divisible by one of the primes p;. But then p; 
divides N — 4(pıp2 . . . Pn)? = 1, which is the required contradiction. 


Hence there are infinitely many primes of the form 8k + 5. 


Section 4 


1 (a) (35/71) = (5/71)(7/71), by property (c), The properties are those of 
= (71/5)(—1)(71/7), by LQR, noting 7 = 71 = 3 (mod 4), Theorem 2.1. 
= (1/5)(-1)(1/7), by property (a), 
ZEN 
(b) (139/149) = (149/139), by LQR, both integers are prime and 149 = 1 (mod 4), 
= (10/139), by property (a), 
= (2/139)(5/139), by property (c), 
= (—1)(139/5), by Theorem 3.2 and LQR respectively, 
= (—1)(4/5), by property (a), 
= —1, by property (b). 
(c) (1234/4567) = (2/4567)(617/4567), by property (c), 
= (1)(4567/617), by Theorem 3.2 and LQR, noting that 617 is 
prime and 617 = 1 (mod 4), 
= (248/617), by property (a) since 7 x 617 = 4319, 
= (4/617)(2/617)(31/617), by property (c), 
= (1)(1)(617/31), by Theorem 3.2 and LQR, 
(28/31), by property (a), 
= (4/31)(7/31), by property (c), 
(1)(—1)(31/7), by property (b) and LQR, 
(—1)(3/7), by property (a), 
(—1)(-1)(7/3), by LQR, 
( 
1 


II 


= (1/3), by property (a), 


2 (a) The discriminant is 1? — 4 x 3 x (—7) = 85 = 0 (mod 17), so the 
congruence has a unique solution. 
(b) The discriminant is 1? — 4 x 2 x 1 = —7, so the existence or 
otherwise of solutions is determined by the value of (—7/29). 
(7/29) = (—1/29)(7/29), by property (c), 
= (1)(29/7), by property (e) and LQR, 
Ad: 


The congruence has solutions. 
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(c) The discriminant is 3? — 4 x 2 x (—7) = 65, so we investigate 
(65/101). 


(65/101) = (5/101)(13/101) 
= (101/5)(101/13) 
= (1/5)(10/13) 
= (1)(10/13) 
= (40/13), by property (c), using (4/13) = 1, 
= (l/c) =a 


The congruence has solutions. 


3 (a) Ifp=4k+4+3 then 
= 10p +3 = 40k + 33 = 4(10k + 8) + 1 = 4k' + 1. 


From this we see that p and q cannot both be congruent modulo 4 
to 3. Hence LQR gives 


(p/4) = (a/p) = (10p + 3/p) = (3/p). Note that 10p + 3 = 3 (mod p). 
(b) We consider separately the possible values of p modulo 4. 
If p= 4k +1 then 
(—1/p) = 1 and (p/q) = (q/p) = (10p + 1/p) = (1/p) = 1. 
If p = 4k + 3 then 
(—1/p) = —1 and q = 10p + 1 = 4(10k + 7) + 3, 
and so 
(p/q) = (—1)(4/p) = (—1)(10p + 1/p) = (—1)(1/p) = -1. 
In both cases (p/q) = (—1/p). 
4 The fact that 4” = 4 (mod 12) for all n > 1, is readily proved by 


Mathematical Induction. It is certainly true for n = 1 and the 
assumption that 4* = 4 (mod 12) leads to 


4k+l — 4k x 4=4x4=4 (mod 12). 
Using this we obtain the following. 
(a) 4” +1 = 5 (mod 12), for all n > 1. 
(b) 2?-1=2x 4-D/2?_1=2x4-—1=7 (mod 12), for all p > 3. 
(c) 22° +1=4 +1=5 (mod 12), for all n > 1. 
By Theorem 4.4, the integer 3 is a quadratic non-residue of each of 


these primes. 


5 For odd prime p Æ 7 we have: 


(p/7), ifp=1 (mod 4), 
(7/p) = { DET ifp =3 A 4). 


The quadratic residues of 7 are 1, 2 and 4, so: ES 2 =4, 3 =2 (mod 7) 


E 1, ifp=1,2 or 4 (mod 7), 
(p/7) = 2 if p = 3,5 or 6 (mod 7). 


Putting the two parts together, (7/p) = 1 if, and only if, 
either p= 1 (mod 4) and p= 1,2 or 4 (mod 7), 
or p=3(mod4) and p= 3,5 or 6 (mod 7). 
That is, ; 
(7/p) = 1 if, and only if, p = 1,3,9,19, 25 or 27 (mod 28). 
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Consider first the case p = q = 3 (mod 4). Then 
(—p/@) = (—1/4)(p/4) = (-1) (0/9) = (—1)(—1)(4/p) = (4/P) 
while i 
(—q/p) = (—1/p)(4/p) = (-1)(4/P), 
and so (—p/q) # (—4/p). 
In all other cases 
(—p/4) = (~1/4)(p/4) = (—1/4)(4/p), 
while 


(—4/p) = (-1/p)(4/P), 


and the two will be equal when (—1/q) = (—1/p). This happens when 
p =q (mod 4). As the case p = q = 3 (mod 4) has been eliminated, we 
conclude that 


(—p/q) = (—q/p) if, and only if, p = q = 1 (mod 4). 


discriminant 5 
Euler’s Criterion 7 
Gauss’ Lemma 15 


Jacobi symbol 28 


Law of Quadratic Reciprocity 21 
Legendre symbol, (a/p) 12 

LQR 21 

LQR an alternative formulation 21 


primitive root 10 


quadratic character 5 

quadratic character of 2, (2/p) 18 
quadratic character of 3, (3/p) 27 
quadratic congruence 4 

quadratic non-residue 5 
quadratic residue 5 
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